In odoo we can perform security options i.e, creation of groups,access rights and record rules using both UI and using code,but which is preferable while providing security for any module
@@vickykrishnan6797 from the code, if you are developing for a client, if you are end user, better doing from ui and if you do from the UI it will be db specific, when you do it in code, it will be available across different db's
I have created the hierarchical group. How do I apply the ir.rule for the group in Odoo? Suppose I have four group in hierarchicaly then how to write the ir.rule ???
Hi, Instead of the check-boxes I want dropdown to be shown so that user can be assigned to only a single group i.e. a user can only be in one of the A,B,C,D groups if I have different groups for a module. How it can be done.(what I mean is to change the type from boolean to selection)
set the implied_ids for the groups correctly,so that it will come as selection instead of checkbox, if you have 3 groups, let it be G1, G2 and G2, add G1 in implied_ids of G2, and add G2 in implied_ids of G3, then it will come as selection. Refer: Existing groups, sales
Hi Can you explain more about in record rule inside this line. what others write there eval="[(4, ref(' '))]" means 4,6,3,2 like i want to know about it plz explain that one. why we write eval what was use of it
(1, ID, { values }) update the linked record with id = ID (write *values* on it) (2, ID) remove and delete the linked record with id = ID (calls unlink on ID, that will delete the object completely, and the link to it as well) (3, ID) cut the link to the linked record with id = ID (delete the relationship between the two objects but does not delete the target object itself) (4, ID) link to existing record with id = ID (adds a relationship) (5) unlink all (like using (3,ID) for all linked records) (6, 0, [IDs]) replace the list of linked IDs (like using (5) then (4,ID) for each ID in the list of IDs)
Great video! How can I set security rights for custom module (I inherited an existing one). So let's say I extended a module and I added a new page in the notebook view or even a new field.
what type of security for new page or new field ? for hiding the pages or fields, you can directly give groups="group_name" along with field or page definition, so that it will be visible only for users in this group
@@OdooMates for example to hide a page/field from hr_officer but available to hr_manager. How would I write the page/field definition. I though I could only write model name
@@OdooMates both custom module and custom category are created. The custom module category in the manifest is affected to the created custom category. My question, why is this custom category is not showing in the left filter tree view in Apps module such as: All, Accounting, Website, Administration, ..Technical..?
I want to restrict hide and create button from specific groups so I created group and record_rule but still when I add a user in group I still can do both edit and create records in model account.move. Adding code which I do. .XML Cannot Edit Journal Entries
Rule To Restrict Edit Journal Entries
ir.model.access.csv access_account_move,access.account.move,model_account_move,sobytek_sbtwo.group_cannot_edit_journal_entries,1,0,0,0 STILL AFTER LOGGING IN FROM USER WHO IS IN GROUP, I CAN STILL CREATE or EDIT records
This solution will work if I need that attribute to be either both read and write or neither read nor write. In other words, it will not be sufficient if I need the field to be only read and not writable.
if you need to modify existing rules, that allows manager to edit all the records, find the rule that grand edit access for manager, you can go the record rules menu and filter the rules of particular model and can find the rule. Then you can inherit it in your model and remove edit access from it. Add a new rule with domain(to get only his record) and then grand edit access.
Watching your security video i give the permission the user is perm_unlink=0 and manager give tha all the permission but both will be able to delete,how we can set that usee cannot be able to delete and maneger can do please help
You can add attrs readonly in the code, for this you have to add a boolean field in the model and compute the value to it, during computation check users group and based on this field make the field readonly. Hope you get some idea :)
@@OdooMates File "/home/adel/odoo/odoo/addons/base/models/ir_http.py", line 237, in _dispatch result = request.dispatch() File "/home/adel/odoo/odoo/http.py", line 683, in dispatch result = self._call_function(**self.params) File "/home/adel/odoo/odoo/http.py", line 359, in _call_function return checked_call(self.db, *args, **kwargs) File "/home/adel/odoo/odoo/service/model.py", line 94, in wrapper return f(dbname, *args, **kwargs) File "/home/adel/odoo/odoo/http.py", line 347, in checked_call result = self.endpoint(*a, **kw) File "/home/adel/odoo/odoo/http.py", line 912, in __call__ return self.method(*args, **kw) File "/home/adel/odoo/odoo/http.py", line 531, in response_wrap response = f(*args, **kw) File "/home/adel/odoo/addons/web/controllers/main.py", line 1377, in call_kw return self._call_kw(model, method, args, kwargs) File "/home/adel/odoo/addons/web/controllers/main.py", line 1369, in _call_kw return call_kw(request.env[model], method, args, kwargs) File "/home/adel/odoo/odoo/api.py", line 396, in call_kw result = _call_kw_multi(method, model, args, kwargs) File "/home/adel/odoo/odoo/api.py", line 383, in _call_kw_multi result = method(recs, *args, **kwargs) File "/home/adel/odoo/odoo/models.py", line 3021, in read self._read(stored_fields) File "/home/adel/odoo/odoo/models.py", line 3167, in _read field.read(fetched) File "/home/adel/odoo/odoo/fields.py", line 3158, in read group[get_id(line[inverse])].append(line.id) File "/home/adel/odoo/odoo/models.py", line 5639, in __int__ return self.id or 0 File "/home/adel/odoo/odoo/fields.py", line 3809, in __get__ raise ValueError("Expected singleton: %s" % record) Exception The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/adel/odoo/odoo/http.py", line 639, in _handle_exception return super(JsonRequest, self)._handle_exception(exception) File "/home/adel/odoo/odoo/http.py", line 315, in _handle_exception raise exception.with_traceback(None) from new_cause ValueError: Expected singleton: gi.classroom(9, 10, 11)
I am working on a module, whose main purpose is to restrict product creation for a certain group of users. I tried multiple ways but the problem is not solved still. Let me be more clear: I created a group named (Restrict To Create Products) and I have added some users in this group now I want to restrict this group from creating products. Any help would be really appreciated. Thank You
Hi, you can override the create method of the product model and check whether the users is in this group, if user is in this group, we can block the creation by showing the warning
Sir it's very nice video. you have well explained about groups and users but you missed one thing which was a company. you have not explained about it nor you have made other video related to company can you do that. i want to add new tab in company view but i face problem can you help me please.
@@OdooMates Sir when i try to add this record Your New barcode Company it's working when i try to add new tab go to this link there is screenshot apps.odoo.com/apps/modules/13.0/sh_barcode_generator_simple/ i want to develop like that when i put this code for new tab
Your New barcode Company
This is an example of notebooks
and run it's says File "src/lxml/lxml.etree.pyx", line 3501, in lxml.etree._Validator.assert_ (src/lxml/lxml.etree.c:184715) AssertionError: Element odoo has extra content: data, line 3 Please help me to fix this please.
Great tutorial - watched it several times. Very comprehensive
Glad to hear it
Super helpful tutorial! Was really struggling with Odoo permissions concepts
Glad you liked it!
Well, Explanation. I understand why to use Record rule and access right in Odoo.
Thanks for sharing the video.
Glad it was helpful!
You are the best 👍🏻👍🏻👍🏻
thanks brother
Great video!
Thanks brother for the support ❤️❤️❤️
Really beautiful video! Appreciate it very much.
thanks brother for the support
In odoo we can perform security options i.e, creation of groups,access rights and record rules using both UI and using code,but which is preferable while providing security for any module
From the code itself initially add the rules(as odoo provides), and then let user change the rules accordingly
@@OdooMates actually my doubt is why code is more preferable as performing security using UI is much easy and time saving.
Which one is more preferable - performing security via user interface(UI) or through code? Which one will be best?
@@vickykrishnan6797 from the code, if you are developing for a client, if you are end user, better doing from ui and if you do from the UI it will be db specific, when you do it in code, it will be available across different db's
Thank you so much 😍😍
I have created the hierarchical group. How do I apply the ir.rule for the group in Odoo? Suppose I have four group in hierarchicaly then how to write the ir.rule ???
Thanks, it helps a lot Good job
You're welcome!
Great video, for me it was very useful!!!
Such comments are our energy/vibe to create more videos in the development tutorials. Hope you will like and subscribe the channel and support us
Sure, I already subscribed, please, continue with this videos!!!
Hi, can you please share how we can add User Rights on a particular Action, such as Stage Changing in the Recruitment Module
you can add the group to the button
Thank you very much. Its was very helpfull
happy to hear it
My access rights are only visible in debug mode, how can i make it always visible?
It is so helpful for me .Thank you very much.
Hope you will like the video and subscribe the channel and support us :)
Super video Thank You!
welcome bro
hey pro , why class CreateAppointment in wizards , you don't create access right in security/ir.model.access.csv ?
Security is not necessary for the transient.models till odoo13 , it will be added in odoo14
Odoo Mates wow thank for sharing pro
Hi,
Instead of the check-boxes I want dropdown to be shown so that user can be assigned to only a single group i.e. a user can only be in one of the A,B,C,D groups if I have different groups for a module. How it can be done.(what I mean is to change the type from boolean to selection)
set the implied_ids for the groups correctly,so that it will come as selection instead of checkbox, if you have 3 groups, let it be G1, G2 and G2, add G1 in implied_ids of G2, and add G2 in implied_ids of G3, then it will come as selection.
Refer: Existing groups, sales
@@OdooMates Thanks a lot
I got it from your video itself.
@@mohammedajmal3264 welcome brother :)
How can i hide the edit button depends on the condition? For example: if the john created the data nobody can change it. So hide the edit button..
Excellent, thank you for elaborating step by step
Glad you liked it
Hi
Can you explain more about in record rule inside this line.
what others write there eval="[(4, ref(' '))]" means 4,6,3,2 like
i want to know about it plz explain that one. why we write eval what was use of it
(1, ID, { values }) update the linked record with id = ID (write *values* on it)
(2, ID) remove and delete the linked record with id = ID (calls unlink on ID, that will delete the object completely, and the link to it as well)
(3, ID) cut the link to the linked record with id = ID (delete the relationship between the two objects but does not delete the target object itself)
(4, ID) link to existing record with id = ID (adds a relationship)
(5) unlink all (like using (3,ID) for all linked records)
(6, 0, [IDs]) replace the list of linked IDs (like using (5) then (4,ID) for each ID in the list of IDs)
Great video! How can I set security rights for custom module (I inherited an existing one). So let's say I extended a module and I added a new page in the notebook view or even a new field.
what type of security for new page or new field ? for hiding the pages or fields, you can directly give groups="group_name" along with field or page definition, so that it will be visible only for users in this group
@@OdooMates for example to hide a page/field from hr_officer but available to hr_manager. How would I write the page/field definition. I though I could only write model name
How to show a custom category created in ir.module.category in the Applications module after affecting a module to it ?
You mean how to add a new module category or
@@OdooMates both custom module and custom category are created. The custom module category in the manifest is affected to the created custom category. My question, why is this custom category is not showing in the left filter tree view in Apps module such as: All, Accounting, Website, Administration, ..Technical..?
How can we set access for a module only for administartor ?
you can create a new user group and set this group for the models, views and menus, and add admin to this group, so only admin will see the changes
I want to restrict hide and create button from specific groups so I created group and record_rule but still when I add a user in group I still can do both edit and create records in model account.move. Adding code which I do.
.XML
Cannot Edit Journal Entries
Rule To Restrict Edit Journal Entries
ir.model.access.csv
access_account_move,access.account.move,model_account_move,sobytek_sbtwo.group_cannot_edit_journal_entries,1,0,0,0
STILL AFTER LOGGING IN FROM USER WHO IS IN GROUP, I CAN STILL CREATE or EDIT records
may be other existing rules for the same model getting conflicted ?
Very helpful video.
Happy to hear it. Hope you will refer the channel to your friends. Also support us by like and subscribe the channel
Is there a way to setup field level access rights on the object? (not just the view)
quotation_count = fields.Integer('Quotation Count', groups='sales_team.group_sale_salesman', compute="_compute_quotation_count")
This solution will work if I need that attribute to be either both read and write or neither read nor write. In other words, it will not be sufficient if I need the field to be only read and not writable.
thank you so much sir!
Glad it helped ❤️
Hello everyone. How to modify the rights so that the manager can see all the records, but edit which is his own?
if you need to modify existing rules, that allows manager to edit all the records, find the rule that grand edit access for manager, you can go the record rules menu and filter the rules of particular model and can find the rule. Then you can inherit it in your model and remove edit access from it. Add a new rule with domain(to get only his record) and then grand edit access.
Watching your security video i give the permission the user is perm_unlink=0 and manager give tha all the permission but both will be able to delete,how we can set that usee cannot be able to delete and maneger can do please help
can you make sure that the testing user is only in the users group and not in managers group
how can i set as particular module can only see by users in home menu
assign a group for the main menu, then users in this group only will be able to see it
@@OdooMates but i want to hide existing module like contact ,employees from other user
Thank you, How to hide category administration from user form?
for all the users ?
@@OdooMates yes for all users or only for users not in setting group
How can select default group for application, when i create a new User?
If the question is about the default access rights for newly created users, see this: ruclips.net/video/JeBRg_iXQHY/видео.html
How can I set some permission by checkbox in settings when I admin?
See this : ruclips.net/video/-6KncTZIiX0/видео.html
Please how can i make planned_hours for project module *not editable for user* and * editable for manager * thank you in advance
You can add attrs readonly in the code, for this you have to add a boolean field in the model and compute the value to it, during computation check users group and based on this field make the field readonly. Hope you get some idea :)
how can i set access right use group of another module
For example: i want to set access right use group of hr module
thanks a lot
in the csv file, you can set the model as hr.model_hr_employee , like this
Thank you very much
Welcome bro ❤❤
that is great brother
bro can you help me with this error please
ValueError: Expected singleton: MyClass(2, 3, 4)
iterate self over a for loop, can you show me the code where you gets the error
@@OdooMates File "/home/adel/odoo/odoo/addons/base/models/ir_http.py", line 237, in _dispatch
result = request.dispatch()
File "/home/adel/odoo/odoo/http.py", line 683, in dispatch
result = self._call_function(**self.params)
File "/home/adel/odoo/odoo/http.py", line 359, in _call_function
return checked_call(self.db, *args, **kwargs)
File "/home/adel/odoo/odoo/service/model.py", line 94, in wrapper
return f(dbname, *args, **kwargs)
File "/home/adel/odoo/odoo/http.py", line 347, in checked_call
result = self.endpoint(*a, **kw)
File "/home/adel/odoo/odoo/http.py", line 912, in __call__
return self.method(*args, **kw)
File "/home/adel/odoo/odoo/http.py", line 531, in response_wrap
response = f(*args, **kw)
File "/home/adel/odoo/addons/web/controllers/main.py", line 1377, in call_kw
return self._call_kw(model, method, args, kwargs)
File "/home/adel/odoo/addons/web/controllers/main.py", line 1369, in _call_kw
return call_kw(request.env[model], method, args, kwargs)
File "/home/adel/odoo/odoo/api.py", line 396, in call_kw
result = _call_kw_multi(method, model, args, kwargs)
File "/home/adel/odoo/odoo/api.py", line 383, in _call_kw_multi
result = method(recs, *args, **kwargs)
File "/home/adel/odoo/odoo/models.py", line 3021, in read
self._read(stored_fields)
File "/home/adel/odoo/odoo/models.py", line 3167, in _read
field.read(fetched)
File "/home/adel/odoo/odoo/fields.py", line 3158, in read
group[get_id(line[inverse])].append(line.id)
File "/home/adel/odoo/odoo/models.py", line 5639, in __int__
return self.id or 0
File "/home/adel/odoo/odoo/fields.py", line 3809, in __get__
raise ValueError("Expected singleton: %s" % record)
Exception
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/home/adel/odoo/odoo/http.py", line 639, in _handle_exception
return super(JsonRequest, self)._handle_exception(exception)
File "/home/adel/odoo/odoo/http.py", line 315, in _handle_exception
raise exception.with_traceback(None) from new_cause
ValueError: Expected singleton: gi.classroom(9, 10, 11)
@@OdooMates the code
class GiClass(models.Model):
_name = "gi.classroom"
_inherit = ['mail.thread']
_description = "les classroom du département de Genie Industriel"
_rec_name = 'nom'
nom = fields.Char(string='Code du grupe', required=True)
etudiants = fields.One2many('gi.etudiant', 'classroom', string='Etudiants')
professeurs = fields.One2many('gi.professeur', 'classroom', string='Professeurs')
cours = fields.One2many('gi.cours', 'classroom', string='Etudiants')
examens = fields.One2many('gi.cours', 'classroom', string='Examens')
num = fields.Char(string='Numéro du classroom', required=True)
Can you send me the code part that throws the errror
@@OdooMates when i add 2 or 3 classroom
classroom = fields.Many2many('gi.classroom', string="Groupe")
I am working on a module, whose main purpose is to restrict product creation for a certain group of users. I tried multiple ways but the problem is not solved still.
Let me be more clear:
I created a group named (Restrict To Create Products) and I have added some users in this group now I want to restrict this group from creating products.
Any help would be really appreciated.
Thank You
Hi, you can override the create method of the product model and check whether the users is in this group, if user is in this group, we can block the creation by showing the warning
Sir it's very nice video. you have well explained about groups and users but you missed one thing which was a company. you have not explained about it nor you have made other video related to company can you do that. i want to add new tab in company view but i face problem can you help me please.
Regarding the companies, if you look how the security across companies are done, it is purely using the record rules right ...
What is the issue you face in adding new tab in company page .... please let us know
@@OdooMates Sir when i try to add this record
Your New barcode Company
it's working when i try to add new tab go to this link there is screenshot apps.odoo.com/apps/modules/13.0/sh_barcode_generator_simple/ i want to develop like that when i put this code for new tab
Your New barcode Company
This is an example of notebooks
and run it's says File "src/lxml/lxml.etree.pyx", line 3501, in lxml.etree._Validator.assert_ (src/lxml/lxml.etree.c:184715)
AssertionError: Element odoo has extra content: data, line 3 Please help me to fix this please.
i took off the superuser and then my module was disappeared not like in this video
if you are new to odoo, feel free to watch video in the order of playlist for better understanding: ruclips.net/video/r11U1pqGqQQ/видео.html
@@OdooMates Thank you you are the best
Thanks.
:)
It is so helpful for me .Thank you very much.
happy that it helped